Smit is a simple ARP sniffer for switched/unswitched networks.
Version: 0.20Smit is a simple ARP sniffer for switched/unswitched networks.
Operating System: Linux
It works even better on switched networks, because the spoofed sides do not see the duplicated packets.
I based the tool on sources from arpmitm and arprelay and included nice features like automatic ARP MAC query and some improved MAC cache consistence algorithm.
Now you can save the whole relayed traffic to a file (buffered, for heavy traffic and direct write mode included) and analyse it with some hex editor.
The format of the capture file defaults now to 'pkt' which means the captured packets will be prefixed with packet id (number, going from 0) and the captured packet length.
The file can be decoded with the pktview utility which I'm still working on. Undef 'TCPDATA' in pktview.c if you don't want the lame tcp-data extracting code